[crypto] Add concept of cipher alignment size

The GCM cipher mode of operation (in common with other counter-based
modes of operation) has a notion of blocksize that does not neatly
fall into our current abstraction: it does operate in 16-byte blocks
but allows for an arbitrary overall data length (i.e. the final block
may be incomplete).

Model this by adding a concept of alignment size.  Each call to
encrypt() or decrypt() must begin at a multiple of the alignment size
from the start of the data stream.  This allows us to model GCM by
using a block size of 1 byte and an alignment size of 16 bytes.

As a side benefit, this same concept allows us to neatly model the
fact that raw AES can encrypt only a single 16-byte block, by
specifying an alignment size of zero on this cipher.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

3 files changed, 3 insertions, 0 deletions

diff --git a/src/crypto/aes.c b/src/crypto/aes.c
index aeeaa1d2c..5200e7760 100644
--- a/src/crypto/aes.c
+++ b/src/crypto/aes.c
@@ -784,6 +784,7 @@ struct cipher_algorithm aes_algorithm = {
 	.name = "aes",
 	.ctxsize = sizeof ( struct aes_context ),
 	.blocksize = AES_BLOCKSIZE,
+	.alignsize = 0,
 	.authsize = 0,
 	.setkey = aes_setkey,
 	.setiv = cipher_null_setiv,
diff --git a/src/crypto/arc4.c b/src/crypto/arc4.c
index 4d98abead..3b6adec19 100644
--- a/src/crypto/arc4.c
+++ b/src/crypto/arc4.c
@@ -119,6 +119,7 @@ struct cipher_algorithm arc4_algorithm = {
 	.name = "ARC4",
 	.ctxsize = ARC4_CTX_SIZE,
 	.blocksize = 1,
+	.alignsize = 1,
 	.authsize = 0,
 	.setkey = arc4_setkey,
 	.setiv = cipher_null_setiv,
diff --git a/src/crypto/crypto_null.c b/src/crypto/crypto_null.c
index 26cfbfc4e..0ad463c3e 100644
--- a/src/crypto/crypto_null.c
+++ b/src/crypto/crypto_null.c
@@ -84,6 +84,7 @@ struct cipher_algorithm cipher_null = {
 	.name = "null",
 	.ctxsize = 0,
 	.blocksize = 1,
+	.alignsize = 1,
 	.authsize = 0,
 	.setkey = cipher_null_setkey,
 	.setiv = cipher_null_setiv,